This guide walks your Okta Administrator through creating a custom SAML 2.0 application, configuring attribute statements, and assigning users. Once complete, send the Identity Provider details to Human Focus and our team will activate SSO for your account. For assistance, contact support@humanfocus.co.uk.
Single Sign-On (SSO) Set-up for Okta
Please follow the steps below to configure SAML 2.0-based Single Sign-On (SSO) between Okta and the Human Focus e-Learning system.
1. Sign in to Okta Admin Console and go to Applications
Sign in to your Okta Administrator Console at your-domain.okta.com using your Administrator account. In the left-hand navigation menu, click Applications, then click Applications again in the submenu.
2. Click “Create App Integration” and select SAML 2.0
Click Create App Integration. In the dialog that appears, select SAML 2.0 as the Sign-on method. Click Next.
3. Configure General Settings — name your application
On the General Settings tab, enter a name for the application — for example “Human Focus e-Learning”. Optionally upload a logo. Click Next to proceed to the SAML configuration.
4. Configure SAML Settings — enter the Human Focus SP details
On the Configure SAML tab, enter the following values in the SAML Settings section. These are the Service Provider details provided by Human Focus.
Single sign-on URL (ACS URL)
https://www.humanfocus.org.uk/CBTbyB/SAML/AssertionConsumerService.aspx
Audience URI (SP Entity ID)
https://www.humanfocus.org.uk/
Set Name ID format to EmailAddress and Application username to Email. Leave all other settings as default. Do not change the Response or Assertion Signature settings.
Important: The Single sign-on URL and Audience URI must be entered exactly as shown — even a trailing slash difference will cause authentication to fail.
5. Add Attribute Statements
Scroll down on the Configure SAML tab to the Attribute Statements section. Click Add Another and add the following four attributes. These allow Human Focus to receive the correct user identity and role upon sign-in.
Role Mapping: If you wish to enable automatic Role Mapping within Human Focus (to assign learner or manager permissions), ensure the roles attribute is populated consistently across your Okta user profiles. Please contact Human Focus to confirm the expected role values before enabling this feature.
6. Complete the Feedback step and finish
On the Feedback tab, select “I’m an Okta customer adding an internal app”. You may also select “This is an internal app that we have created”. Click Finish to create the application.
7. Assign users or groups to the application
After clicking Finish, you will be taken to the application’s overview page. Click the Assignments tab. Click Assign and choose either Assign to People (individual users) or Assign to Groups to grant access to all users in a group. Click Done when finished.
8. Download the IdP metadata and send to Human Focus
Click the Sign On tab of your Human Focus application. Scroll down to the SAML Signing Certificates section and click View SAML setup instructions.
From the SAML setup instructions page, collect the following and email them to support@humanfocus.co.uk referencing your account name:
Identity Provider Single Sign-On URL
https://your-domain.okta.com/app/humanfocus/exk0abc123/sso/saml
Identity Provider Issuer (Entity ID)
http://www.okta.com/exk0abc123
Also download and attach the X.509 Certificate (click Download Certificate on the SAML setup instructions page). Our team will typically activate SSO within 1–2 business days of receiving your details.
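The exact-match requirement in step 4 can be checked against an assertion captured from a test sign-in. The following is an added example, not Human Focus or Okta code: it compares the Audience, Recipient and NameID Format of an assertion with the step 4 values, using the standard SAML URI for the EmailAddress format. The sample assertion is constructed, the function names are hypothetical, and signatures are not verified here.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Service Provider values from step 4 of this guide.
ACS_URL = "https://www.humanfocus.org.uk/CBTbyB/SAML/AssertionConsumerService.aspx"
AUDIENCE = "https://www.humanfocus.org.uk/"
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

def check_assertion(xml_text):
    """Return a list of mismatches between an assertion and the step 4 values."""
    root = ET.fromstring(xml_text)
    problems = []

    def compare(label, actual, expected):
        # Exact string comparison: no normalisation of case or trailing slashes.
        if actual != expected:
            problems.append(f"{label}: got {actual!r}, expected {expected!r}")

    audience = root.find(".//saml:AudienceRestriction/saml:Audience", NS)
    compare("Audience", audience.text if audience is not None else None, AUDIENCE)
    scd = root.find(".//saml:SubjectConfirmationData", NS)
    compare("Recipient", scd.get("Recipient") if scd is not None else None, ACS_URL)
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    compare("NameID Format", name_id.get("Format") if name_id is not None else None, EMAIL_FORMAT)
    if name_id is not None and "@" not in (name_id.text or ""):
        problems.append(f"NameID value {name_id.text!r} is not an email address")
    return problems

# Constructed sample assertion (signature and validity timestamps omitted).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="id1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
  <saml:Issuer>http://www.okta.com/exk0abc123</saml:Issuer>
  <saml:Subject>
    <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.com</saml:NameID>
    <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
      <saml:SubjectConfirmationData Recipient="{acs}"/>
    </saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions>
    <saml:AudienceRestriction><saml:Audience>{aud}</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""

def sample(acs=ACS_URL, aud=AUDIENCE):
    return SAMPLE.format(acs=acs, aud=aud)

if __name__ == "__main__":
    for line in check_assertion(sample(aud="https://www.humanfocus.org.uk")) or ["OK"]:
        print(line)
```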